
package com.ctg.sysmgr.sso.server.service.sys.impl;


import java.security.GeneralSecurityException;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;

import javax.security.auth.login.AccountNotFoundException;
import javax.security.auth.login.CredentialExpiredException;
import javax.security.auth.login.FailedLoginException;

import org.jasig.cas.authentication.AccountDisabledException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.ctg.sysmgr.sso.server.common.uitl.Md5Tool;
import com.ctg.sysmgr.sso.server.data.dao.sys.ISystemUserDao;
import com.ctg.sysmgr.sso.server.data.entity.SystemUser;
import com.ctg.sysmgr.sso.server.dto.UserDTO;
import com.ctg.sysmgr.sso.server.service.sys.ISystemUserService;

public class SystemUserServiceImpl implements ISystemUserService{
	
	private ISystemUserDao systemUserDao;
	public static ThreadLocal<Map<String,Object>> threadLocal = new ThreadLocal<Map<String,Object>>();

	public ISystemUserDao getSystemUserDao() {
		return systemUserDao;
	}

	public void setSystemUserDao(ISystemUserDao systemUserDao) {
		this.systemUserDao = systemUserDao;
	}

	private final Logger logger = LoggerFactory.getLogger(this.getClass());
	
	@Override
	public Long check(UserDTO user) throws GeneralSecurityException{
		SystemUser sysUser = systemUserDao.getUserByName(user.getSysCode());
		if(sysUser == null){
			logger.info("登录验证失败，原因是不存在用户名为 {} 的用户。", user.getSysCode());
			throw new AccountNotFoundException("用户不存在");
		}
		Date userEffDate = sysUser.getEffDate();
		Date userExpDate = sysUser.getExpDate();
		Long now = new Date().getTime();
		if(userEffDate != null && now < userEffDate.getTime()) { //用户生效时间未到
			logger.info("登录验证失败，原因是用户的生效时间还未到，用户名为{}。", sysUser.getSysUserCode());
			throw new AccountDisabledException("用户的生效时间还未到");
		}
		if(userExpDate != null && now > userExpDate.getTime()) {//用户已失效
			logger.info("登录验证失败，原因是用户已失效，用户名为{}。", sysUser.getSysUserCode());
			throw new AccountDisabledException("用户已失效");
		}
		String statusCd = sysUser.getStatusCd();
		if("".equals(statusCd)) {//用户状态为无效
			logger.info("登录验证失败，原因是用户的状态为无效，用户名为{}。", sysUser.getSysUserCode());
			throw new AccountDisabledException("用户的状态为无效");
		}
		String pwdStatus = sysUser.getPwdStatus();
		if("".equals(pwdStatus)) { //密码状态为无效
			logger.info("登录验证失败，原因是用户的密码状态为无效，用户名为{}。", sysUser.getSysUserCode());
			throw new CredentialExpiredException("用户的密码状态为无效");
			
		}
		Date pwdNewDate = sysUser.getPwdNewtime();
		Integer pwdEffectDays = sysUser.getPwdEffectDays();
		if(pwdEffectDays != null && pwdNewDate != null && now > (pwdNewDate.getTime() + pwdEffectDays * 1000 * 60 * 60 * 24)) { //密码有效期已经过了
			logger.info("登录验证失败，原因是用户的密码已过有效期，用户名为{}。", sysUser.getSysUserCode());
			throw new CredentialExpiredException("用户的密码已过有效期");
		}
		
		String password = sysUser.getPassword();
		String loginPass = Md5Tool.getMd5(user.getPasswd());
		if(loginPass != null && loginPass.equals(password)) {
			Long sysUserId = sysUser.getSysUserId();
			//登录成功后，将用户对象存放在threadLocal中，以便在返回更多信息给客户端的时候获取 ，无须再查询数据库或调用系统数据服务。
			Map<String,Object> map = new HashMap<>();
			map.put("sysUser", sysUser);
			threadLocal.set(map);
			logger.info("登录验证成功，用户名为 {}，userId为{}。", user.getSysCode(), sysUser.getId());
			return sysUserId;
		} else {
			logger.info("登录验证失败，原因是密码不正确，用户名为{}.", user.getSysCode());
			throw new FailedLoginException("用户密码不正确");
		}
		
	}

	public final void setUserDao(final ISystemUserDao systemUserDao) {
		this.systemUserDao = systemUserDao;
	}

   
}
